skin color theme

Hey there! Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 91987 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Advertisements

Hi,
The forums are really busy, that explains why logs get behind. If you still need some help, please start with posting a new hijackthislog in this thread. Don't start with a new thread.
Then I'll take a look.
Regards,
Rosty.

Want to help others? Join the ClassRoom and learn how.
Thank you for considering a Donation to What the Tech!

If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:Ad-Aware SE Setup
Don't run it yet!

Next, please reboot your computer in SafeMode by doing the following:

1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.

Please open HijackThis and click do a scan only and place a check next to the following entries:

Please close all other Windows and browsers,except HijackThis and click Fix Checked. Exit Hijackthis.

Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

Open Ad-aware and do a full scan. Remove all it finds.

Now run ATF-Cleaner:

Double-click ATF-Cleaner.exe to run the program.

Click Select All found at the bottom of the list.

Click the Empty Selected button.

If you use Firefox browser, do this also:

Click Firefox at the top and choose Select All from the list.

Click the Empty Selected button.

NOTE : If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser, do this also:

Click Opera at the top and choose Select All from the list.

Click the Empty Selected button.

NOTE : If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

IMPORTANT: Do not open any other windows or
programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:

Lauch AVG Anti-spyware by double-clicking the icon on your desktop.

Select the "Scanner" icon at the top and then the "Scan" tab
then click on "Complete System Scan".

ewido will now begin the scanning process, be patient this may take a little
time.Once the scan is complete do the following:

If you have any infections you will prompted, then select "Apply all
actions"

Next select the "Reports" icon at the top.

Select the "Save report as" button in the lower left hand of the
screen and save it to a text file on your system (make sure to remember where
you saved that file, this is important).

Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the
results of the AVG Anti-Spyware scan.

Post a new HijackThis Log, the contents of smitfiles.txt and the AVG Anti-Spyware Log by using Add Reply.
Let us know if any problems persist.
In my next post we will take a look what programs that can be deleted from booting up at start-up.

Regards,

Rosty.

Want to help others? Join the ClassRoom and learn how.
Thank you for considering a Donation to What the Tech!

One line in your log was related with the Smitfraud infection and the other lines where leftovers.

Lets take a look for the rest.

The next entries are optional, to speed up your system.
Open HijackThis and click do a scan only and place a check next to the following entries;

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
Anti-spyware from Dell. Seems that after Dell found out certain applications being installed from DVD's would report back information about what customers were watching, they decided to implement an anti-spyware service. Run manually before installation starts

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" NvQTwk,NvCplDaemon initialize
System Tray icon used to change display settings, change the clock rate and memory speed for nVidia based graphics cards. This is unnecessary since you can easily configure these settings the way you want them in the Display Properties and not have to mess with them again. Also disable the "NVIDIA Driver Helper Service" if enabled as it can cause this entry to be re-enabled on re-boot (note that this service can also cause extreme shutdown delays if enabled - see here)

Close all otehr windows and browsers, except HijackThis, and click Fix Checked. Close HijackThis.

Your Java Runtime Environment is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

If you mean AVG Anti-Spyware then I can tell its not a virus scanner but a anti-spyware protection tool!!!
To be honest with you, I don't use MCAfee or the AVG virusscanner, so I can't tell you.
But from what I heared from other people they are bothe excellent scanners.

Please post back and let me know how your system is running.

Regards,

Rosty.

Want to help others? Join the ClassRoom and learn how.
Thank you for considering a Donation to What the Tech!

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we at TC are to help you, for your sake we would rather not have repeat customers.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

AVG-AntiSpyware
Install it,update it to the latest definitions, and perform a full system scan.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:http://www.mozilla.o...oducts/firefox/

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

0 user(s) are reading this topic

About What the Tech

Tom (Coyote) Wilson started this site as TomCoyote.org in 2002. Along with SpywareInfo, it was one of the first places to offer online malware removal training in its Classroom. Cluster headaches forced retirement of Tom in 2007, and the site was renamed "What the Tech". Free malware removal help and training has remained a constant.